Page MenuHomePhabricator

move user home to persistent storage
Open, NormalPublicFEATURE REQUEST

Description

We need to move or bind /home
to persistent storage (e.g. /config/home)

Details

Difficulty level
Unknown (require assessment)
Version
-
Why the issue appeared?
Will be filled on close

Event Timeline

syncer created this task.Jul 11 2018, 7:51 PM
syncer assigned this task to UnicronNL.
syncer triaged this task as Normal priority.Jul 12 2018, 8:52 AM

If someone could point me to the relevant code files / documentation, I can give it a look.
If it is a simple thing to do I may even be able to create a PR.

I would start to look into /opt/vyatta/sbin/install-image*, those are the 'install image' scripts, you can see the mounts there since the OS part is a squashfs mount.

Thanks @hagbard

/opt/vyatta/sbin/install-image-existing

is it. I can surely extend it quick and dirty to have something working which can then be improved and beautified as needed.

Thanks @c-po. I'm not sure though - how does "user creation" matter in that context? I had the impression that preserving home/user will be mostly a matter of adding a few lines of code to https://github.com/vyos/vyatta-cfg-system/blob/current/scripts/install/install-image-existing similar to the /etc/ssh block starting at line 240. Am I wrong?

The below code does work if inserted at line 254. It does however mess with the ownership of the home dir it's all owned by vyos afterwards even though cp -p i used, resulting ssh key based authn not working anymore until fixing ownership.

  1. Would someone know why this happened and how to fix it?
  2. Other question I was asking myself - SSH authorized_keys seem to be copied over already - where does this happen?
if [ -d /home ]; then
  resp=''
  while [ -z "$resp" ]; do
    echo 'Would you like to save /home/* from your '
    echo -n 'current configuration? (Make sure you have enough free space!) (Yes/No) [Yes]: '
    resp=$(get_response "Yes" "Yes No Y N")
    if [ "$resp" == 'yes' ] || [ "$resp" == 'y' ]; then
      echo 'Copying /home/*...'
      ndir=${INST_ROOT}/home
      mkdir -p $ndir
      cp -rp /home/* $ndir
    fi
  done
fi

I never had a look into that, however I found something interesting.
https://github.com/vyos/vyatta-cfg-system/blob/current/scripts/install/install-get-partition, check out save_old_keys() at line 433.
The script you are looking into is, when vyos is already installed.

Thank you @hagbard. This copies unfortunately only the ssh host keys. Interstingly this also happens in install-image-existing and is likely duplicate code ?

Guess I have to clone the repos and do a full text search to find out where and how ssh ~/.ssh/authorized_keys gets copied over.

kroy added a subscriber: kroy.EditedDec 12 2018, 3:43 AM

Would it make sense to create this as a separate partition during installation? Instead of trying to preserve? Given my recent work on the EFI stuff, I've got an idea where this might happen.

Otherwise, preserving home as ssh keys, config, etc are would be fairly trivial, this is definitely all code I messed with during my recent vyatta-cfg-system machinations and I could get this done.

kroy added a comment.Dec 18 2018, 4:35 PM

Here's a branch that makes this work on an upgrade. For now, it wouldn't cover the initial install, but only subsequent upgrades. This covers a MAJOR pain point for me where I lose my bash history on an upgrade.

Unfortunately, because on an upgrade, the installed system's scripts are used, this means this code won't work on the first upgrade, only subsequent upgrades after this ISO is added to a running system.

kroy added a comment.Dec 20 2018, 7:37 PM

I've been using my branch for a few daily upgrades now, and it seems flawlessly, minus one thing.

If you have multiple users, there's no guarantee that "user1" will have the same user ID after the upgrade. That means the home directory for "user1" gets owned by "user2" and vise-versa after the upgrade. It's a simple fix, but it requires a manual hack to chown the user homes correctly after the boot.

For single user hosts, it's been perfect.

pasik added a subscriber: pasik.Mar 12 2019, 6:13 PM